Microsoft, RSA Partner to Develop Next-Gen Data Loss Prevention

The alliance between Microsoft and RSA will move data loss prevention technology into the fabric of the IT infrastructure and improve protection by associating data with identities and classifications. Analysts are already calling the idea a "game changer."

In unveiling a new
technology sharing and development alliance, Microsoft and RSA—the
security division of storage giant EMC—took the first step toward
creating the next generation of data loss prevention technology in
which the protection of sensitive digital assets will eventually reside
in the fabric of the IT infrastructure.

The basic idea behind the Microsoft-RSA DLP strategy is moving data
security from a series of point products that protect specific types of
information on specific platforms to a ubiquitous risk mitigation
strategy that’s transparent to end users. The alliance could result in
a new class of DLP technologies that solution providers can offer to
business-technology consumers, either as a feature set in Microsoft’s vast
software portfolio or as value-added security layers through RSA’s
product portfolio.

"By building all of these technologies into the infrastructure,
we’re offering our customers a built-in solution and not a bolt-on
solution," says Tom Corn, vice president of product management and
marketing at RSA’s Data Security Group. "As part of that natural cycle
of helping [end users] use their infrastructure better, we’re
integrating the technology into the infrastructure."

DLP emerged over the last couple of years to guard against the
accidental and intentional disclosure of information in common identity
theft cases, such as Social Security and credit card numbers.
Business-technology consumers have adopted DLP as a means to curb
identity thefts as well as meet regulatory compliance under laws such
as the Health Insurance Portability and Privacy Act, Gramm-Leach-Bliley
Act (banking) and Sarbanes-Oxley Act.

To counter the risk of data loss and provide tools for regulatory
compliance, security vendors have raced to develop DLP products.
Companies such as Vontu, PortAuthority, IronPort and PointSec produced
the initial offerings. Through acquisitions and internal development,
vendors such as Websense, Symantec, Trend Micro, McAfee and Cisco
Systems have built the leading DLP applications.

Most of the existing DLP applications act in similar fashion to
anti-virus technology, in that they scan traffic for patterns indicative
of sensitive data. They often track data sets such as credit card and
Social Security numbers, easily identifiable database fields, telephone
numbers, addresses and financial figures.

While none of the existing technologies are foolproof, SecurityCurve
analyst Diana Kelley says current DLP products provide at least some
level of protection. However, she says the Microsoft-RSA alliance could
change the DLP paradigm both by implementing it in the infrastructure
and by basing data classification and inspection on identity.

"Security needs to be identity-centric to keep information from
leaking," says JG Chirapurath, director of Identity and Security at
Microsoft.

Conceptually, the integration of RSA DLP technology with Microsoft
applications and identity management tools will enable users to locate
data wherever it resides or moves in the IT infrastructure. And it will
classify and protect data transparently to the users.

The Microsoft-RSA vision for evolving the technology calls for
classifying data by its content type, such as health care and finance.
That’s a significant difference from conventional DLP approaches,
Kelley says, since it can then create an identity for the data that is,
in theory, easier to monitor and control.

Corn explained that this methodology will enable businesses to associate
the data with users, location, use of the information and how data is
being handled.

"When you look at this problem and look at how customers are looking
for the solution, it’s one of the most important improvements in this
technology landscape," says Chirapurath.

Eventually, this DLP technology will become ubiquitous throughout the
Microsoft software universe. After integration with Windows Server’s
RMS, other data-intensive applications that could soon get the
technology include Exchange (e-mail) and SharePoint (collaboration).

Additionally, RSA will be creating other DLP technologies and
products that are built upon the Microsoft platform but address
broader infrastructure needs. "The notion of having something that
answers the realities of the heterogeneous worlds, it gives us the
ability to solve those problems, too," Corn said.

For now, though, the alliance’s first product is getting RSA’s DLP
engine talking with Microsoft’s Rights Management Service. While a
limited implementation, Kelley says it’s the most logical and right
step to take.

Lawrence Walsh is editor of Baseline magazine, overseeing print and online editorial content and the strategic direction of the publication. He is also a regular columnist for Ziff Davis Enterprise's Channel Insider. Mr. Walsh is well versed in IT technology and issues, and he is an expert in IT security technologies and policies, managed services, business intelligence software and IT reseller channels. An award-winning journalist, Mr. Walsh has served as editor of CMP Technology's VARBusiness and GovernmentVAR magazines, and TechTarget's Information Security magazine. He has written hundreds of articles, analyses and commentaries on the development of reseller businesses, the IT marketplace and managed services, as well as information security policy, strategy and technology. Prior to his magazine career, Mr. Walsh was a newspaper editor and reporter, having held editorial positions at the Boston Globe, MetroWest Daily News, Brockton Enterprise and Community Newspaper Company.